From fde4a2c7d25b6ab95c3d360a41afcae5cef06723 Mon Sep 17 00:00:00 2001
From: Bartosz Karwacki
Date: Tue, 4 Jan 2022 01:51:58 +0100
Subject: [PATCH] zad 4.3
---
README.md | 18 +++++
zad_4_1/Dockerfile | 7 ++
zad_4_1/deploy.sh | 5 ++
zad_4_1/main.tf | 170 ++++++++++++++++++++++++++++++++++++++++
zad_4_1/user_data | 7 ++
zad_4_2/Dockerfile | 7 ++
zad_4_2/deploy.sh | 5 ++
zad_4_2/main.tf | 190 +++++++++++++++++++++++++++++++++++++++++++++
zad_4_2/user_data | 7 ++
9 files changed, 416 insertions(+)
create mode 100644 README.md
create mode 100644 zad_4_1/Dockerfile
create mode 100755 zad_4_1/deploy.sh
create mode 100644 zad_4_1/main.tf
create mode 100644 zad_4_1/user_data
create mode 100644 zad_4_2/Dockerfile
create mode 100755 zad_4_2/deploy.sh
create mode 100644 zad_4_2/main.tf
create mode 100644 zad_4_2/user_data
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..3b671fb
--- /dev/null
+++ b/README.md
@@ -0,0 +1,18 @@
+### Zadanie 4.3 dla zadaƄ 4.1/4.2
+
+## Potrzeba
+- Docker
+- Credentials aws w ~/.aws
+
+
+#### Zad 4.1
+```
+cd zad_4_1
+./deploy.sh
+```
+
+#### Zad 4.2
+```
+cd zad_4_2
+./deploy.sh
+```
\ No newline at end of file
diff --git a/zad_4_1/Dockerfile b/zad_4_1/Dockerfile
new file mode 100644
index 0000000..338348f
--- /dev/null
+++ b/zad_4_1/Dockerfile
@@ -0,0 +1,7 @@
+FROM hashicorp/terraform:latest
+
+COPY . .
+RUN mkdir ~/.aws
+RUN cp credentials ~/.aws
+
+ENTRYPOINT terraform init && terraform apply -auto-approve && sleep 120 && terraform destroy -auto-approve
diff --git a/zad_4_1/deploy.sh b/zad_4_1/deploy.sh
new file mode 100755
index 0000000..c0f0b90
--- /dev/null
+++ b/zad_4_1/deploy.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+cp ~/.aws/credentials ./credentials
+docker build -t aws-4-1 .
+docker run aws-4-1
+rm credentials
diff --git a/zad_4_1/main.tf b/zad_4_1/main.tf
new file mode 100644
index 0000000..14f1427
--- /dev/null
+++ b/zad_4_1/main.tf
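Review bot: `COPY . .` followed by `RUN cp credentials ~/.aws` in zad_4_1/Dockerfile writes the AWS credentials file into image layers, so anyone who can pull, save or inspect the `aws-4-1` image can recover the keys even after deploy.sh has deleted its working copy. I would drop both `RUN` lines, list `credentials` in a `.dockerignore`, and supply the keys only at run time, e.g. `docker run --rm -v "$HOME/.aws:/root/.aws:ro" aws-4-1` (this assumes the container runs as root with home /root; confirm for this base image). The same lines appear in zad_4_2/Dockerfile. Separately, `FROM hashicorp/terraform:latest` is unpinned, so a rebuild can silently pick up a different Terraform release; pin a version tag or digest. Because the shell-form ENTRYPOINT chains with `&&`, a failed `terraform apply` skips `terraform destroy` and leaves whatever was already created running.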
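Review bot: zad_4_1/deploy.sh has no error handling, so `docker run aws-4-1` still executes after a failed `docker build` and starts whatever image was tagged `aws-4-1` earlier, and an interrupted run leaves the copied `credentials` file in the working tree. Add `set -euo pipefail` after the shebang and `trap 'rm -f credentials' EXIT` before the `cp`, so the copy is removed on every exit path. `docker run` without `--rm` also keeps the stopped container, which presumably holds the local Terraform state since main.tf configures no backend; if that is intended, a comment such as `# container kept: holds terraform.tfstate for manual destroy` would make it explicit. zad_4_2/deploy.sh is identical apart from the image tag.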
@@ -0,0 +1,170 @@
+provider "aws" {
+ region = "us-east-1"
+}
+
+resource "aws_vpc" "main" {
+ cidr_block = "10.0.0.0/16"
+
+ tags = {
+ Name = "cloud-vpc"
+ }
+}
+
+resource "aws_subnet" "public_subnet" {
+ vpc_id = aws_vpc.main.id
+ cidr_block = "10.0.0.0/24"
+ availability_zone = "us-east-1a"
+ map_public_ip_on_launch = true
+ tags = {
+ Name = "cloud-subnet"
+ }
+}
+
+resource "aws_internet_gateway" "ig" {
+ vpc_id = aws_vpc.main.id
+ tags = {
+ Name = "cloud-igw"
+ }
+}
+
+resource "aws_eip" "nat_eip" {
+ vpc = true
+}
+
+resource "aws_nat_gateway" "nat" {
+ allocation_id = aws_eip.nat_eip.id
+ subnet_id = element(aws_subnet.public_subnet.*.id, 0)
+ tags = {
+ Name = "cloud-nat"
+ }
+}
+
+resource "aws_route_table" "public" {
+ vpc_id = aws_vpc.main.id
+ tags = {
+ Name = "cloud-public-route-table"
+ }
+}
+
+resource "aws_route" "public_internet_gateway" {
+ route_table_id = aws_route_table.public.id
+ destination_cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.ig.id
+}
+
+
+resource "aws_route_table_association" "public" {
+ subnet_id = aws_subnet.public_subnet.id
+ route_table_id = aws_route_table.public.id
+}
+
+resource "aws_security_group" "default" {
+ name = "cloud-default-sg"
+ description = "Default security group to allow inbound/outbound from the VPC"
+ vpc_id = aws_vpc.main.id
+ ingress {
+ description = "SSH from VPC"
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+
+ ingress {
+ description = "HTTP from VPC"
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+ ingress {
+ description = "HTTP from VPC"
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+
+ ingress {
+ description = "HTTP from VPC"
+ from_port = 8080
+ to_port = 8080
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+}
+
+data "template_file" "user_data_server" {
+ template = file("user_data")
+}
+
+
+resource "aws_instance" "server" {
+ count = 2
+ ami = "ami-0ed9277fb7eb570c9"
+ instance_type = "t2.micro"
+ subnet_id = aws_subnet.public_subnet.id
+ vpc_security_group_ids = [aws_security_group.default.id]
+ user_data = data.template_file.user_data_server.rendered
+
+ tags = {
+ Name = "cloud-server-${count.index}"
+ }
+}
+
+
+resource "aws_eip" "lb" {
+ network_border_group = "us-east-1"
+}
+
+resource "aws_lb" "lb" {
+ name = "cloud-lb"
+ internal = false
+ load_balancer_type = "network"
+ subnet_mapping {
+ subnet_id = aws_subnet.public_subnet.id
+ allocation_id = aws_eip.lb.id
+ }
+}
+
+
+resource "aws_lb_target_group" "main" {
+ name = "tg-cloud"
+ port = 8080
+ protocol = "TCP"
+ vpc_id = aws_vpc.main.id
+}
+
+resource "aws_lb_target_group_attachment" "group_attachment" {
+ count = 2
+ target_group_arn = aws_lb_target_group.main.arn
+ target_id = aws_instance.server[count.index].id
+ port = 8080
+}
+
+resource "aws_lb_listener" "lb_listener" {
+ load_balancer_arn = aws_lb.lb.arn
+ port = "8080"
+ protocol = "TCP"
+
+ default_action {
+ type = "forward"
+ target_group_arn = aws_lb_target_group.main.arn
+ }
+}
+
+output "lb_ip" {
+ value = "http://${aws_eip.lb.public_ip}:8080"
+}
\ No newline at end of file
diff --git a/zad_4_1/user_data b/zad_4_1/user_data
new file mode 100644
index 0000000..a4b278f
--- /dev/null
+++ b/zad_4_1/user_data
@@ -0,0 +1,7 @@
+#cloud-config
+packages:
+ - git
+
+runcmd:
+ - git clone https://git.wmi.amu.edu.pl/s470611/DPZC-aws
+ - ./DPZC-aws/webservice
\ No newline at end of file
diff --git a/zad_4_2/Dockerfile b/zad_4_2/Dockerfile
new file mode 100644
index 0000000..cdc482e
--- /dev/null
+++ b/zad_4_2/Dockerfile
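Review bot: The ingress rules of `aws_security_group.default` in zad_4_1/main.tf open ports 22, 80 and 443 to `0.0.0.0/0` and `::/0`, while their descriptions say "SSH from VPC" and "HTTP from VPC" and the only listener and target group defined in this file use TCP 8080. No `key_name` is set on `aws_instance.server`, so the SSH rule appears to serve nothing; I would delete the 22, 80 and 443 blocks and keep only 8080. If SSH access is needed, restrict its source, e.g. `cidr_blocks = [var.admin_cidr]` (placeholder variable, not defined in this commit), and omit `ipv6_cidr_blocks` there. The remaining description should state the real source, e.g. `description = "TCP 8080 from anywhere (NLB clients)"`. The same security group is repeated in zad_4_2/main.tf.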
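Review bot: The `runcmd` entries in zad_4_1/user_data clone the repository's default branch at boot and then execute `./DPZC-aws/webservice` from it, and cloud-init runs `runcmd` as root, so whatever sits at the branch tip when an instance starts runs with full privileges on an internet-facing host. Pin the checkout to a reviewed commit, e.g. add `- git -C DPZC-aws checkout --detach <PINNED_COMMIT_SHA>` (placeholder) between the two commands, and start the service under an unprivileged account. zad_4_2/user_data has the same content, and there the autoscaling group repeats the clone on every scale-out, so instances in one group can end up running different revisions.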
@@ -0,0 +1,7 @@
+FROM hashicorp/terraform:latest
+
+COPY . .
+RUN mkdir ~/.aws
+RUN cp credentials ~/.aws
+
+ENTRYPOINT terraform init && terraform apply -auto-approve && sleep 1500 && terraform destroy -auto-approve
\ No newline at end of file
diff --git a/zad_4_2/deploy.sh b/zad_4_2/deploy.sh
new file mode 100755
index 0000000..c06e20b
--- /dev/null
+++ b/zad_4_2/deploy.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+cp ~/.aws/credentials ./credentials
+docker build -t aws-4-2 .
+docker run aws-4-2
+rm credentials
diff --git a/zad_4_2/main.tf b/zad_4_2/main.tf
new file mode 100644
index 0000000..4db67da
--- /dev/null
+++ b/zad_4_2/main.tf
@@ -0,0 +1,190 @@
+provider "aws" {
+ region = "us-east-1"
+}
+
+resource "aws_vpc" "main" {
+ cidr_block = "10.0.0.0/16"
+
+ tags = {
+ Name = "cloud2-vpc"
+ }
+}
+
+resource "aws_subnet" "public_subnet" {
+ vpc_id = aws_vpc.main.id
+ cidr_block = "10.0.0.0/24"
+ availability_zone = "us-east-1a"
+ map_public_ip_on_launch = true
+ tags = {
+ Name = "cloud2-subnet"
+ }
+}
+
+resource "aws_internet_gateway" "ig" {
+ vpc_id = aws_vpc.main.id
+ tags = {
+ Name = "cloud2-igw"
+ }
+}
+
+resource "aws_eip" "nat_eip" {
+ vpc = true
+}
+
+resource "aws_nat_gateway" "nat" {
+ allocation_id = aws_eip.nat_eip.id
+ subnet_id = element(aws_subnet.public_subnet.*.id, 0)
+ tags = {
+ Name = "cloud2-nat"
+ }
+}
+
+resource "aws_route_table" "public" {
+ vpc_id = aws_vpc.main.id
+ tags = {
+ Name = "cloud2-public-route-table"
+ }
+}
+
+resource "aws_route" "public_internet_gateway" {
+ route_table_id = aws_route_table.public.id
+ destination_cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.ig.id
+}
+
+
+resource "aws_route_table_association" "public" {
+ subnet_id = aws_subnet.public_subnet.id
+ route_table_id = aws_route_table.public.id
+}
+
+resource "aws_security_group" "default" {
+ name = "cloud2-default-sg"
+ description = "Default security group to allow inbound/outbound from the VPC"
+ vpc_id = aws_vpc.main.id
+ ingress {
+ description = "SSH from VPC"
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+
+ ingress {
+ description = "HTTP from VPC"
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+ ingress {
+ description = "HTTP from VPC"
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+
+ ingress {
+ description = "HTTP from VPC"
+ from_port = 8080
+ to_port = 8080
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+}
+
+data "template_file" "user_data_server" {
+ template = filebase64("user_data")
+}
+
+
+resource "aws_eip" "lb" {
+ network_border_group = "us-east-1"
+}
+
+resource "aws_lb" "lb" {
+ name = "cloud2-lb"
+ internal = false
+ load_balancer_type = "network"
+ subnet_mapping {
+ subnet_id = aws_subnet.public_subnet.id
+ allocation_id = aws_eip.lb.id
+ }
+}
+
+
+resource "aws_lb_target_group" "main" {
+ name = "tg-cloud2"
+ port = 8080
+ protocol = "TCP"
+ vpc_id = aws_vpc.main.id
+}
+
+resource "aws_lb_listener" "lb_listener" {
+ load_balancer_arn = aws_lb.lb.arn
+ port = "8080"
+ protocol = "TCP"
+
+ default_action {
+ type = "forward"
+ target_group_arn = aws_lb_target_group.main.arn
+ }
+}
+
+output "lb_ip" {
+ value = "http://${aws_eip.lb.public_ip}:8080"
+}
+
+resource "aws_launch_template" "template" {
+ name = "cloud2-template"
+ image_id = "ami-0ed9277fb7eb570c9"
+ instance_type = "t2.micro"
+ vpc_security_group_ids = [aws_security_group.default.id]
+ user_data = data.template_file.user_data_server.rendered
+}
+
+resource "aws_autoscaling_group" "autoscaling_group" {
+ vpc_zone_identifier = [aws_subnet.public_subnet.id]
+ desired_capacity = 2
+ max_size = 5
+ min_size = 2
+ health_check_type = "ELB"
+ launch_template {
+ id = aws_launch_template.template.id
+ version = "$Latest"
+ }
+ force_delete = true
+
+}
+
+resource "aws_autoscaling_attachment" "asg_attachment_lb" {
+ autoscaling_group_name = aws_autoscaling_group.autoscaling_group.id
+ alb_target_group_arn = aws_lb_target_group.main.arn
+}
+
+
+resource "aws_autoscaling_policy" "asp" {
+ name = "cloud2-asp"
+ policy_type = "TargetTrackingScaling"
+ target_tracking_configuration {
+ predefined_metric_specification {
+ predefined_metric_type = "ASGAverageCPUUtilization"
+ }
+
+ target_value = 10
+ }
+ autoscaling_group_name = aws_autoscaling_group.autoscaling_group.name
+}
\ No newline at end of file
diff --git a/zad_4_2/user_data b/zad_4_2/user_data
new file mode 100644
index 0000000..a4b278f
--- /dev/null
+++ b/zad_4_2/user_data
@@ -0,0 +1,7 @@
+#cloud-config
+packages:
+ - git
+
+runcmd:
+ - git clone https://git.wmi.amu.edu.pl/s470611/DPZC-aws
+ - ./DPZC-aws/webservice
\ No newline at end of file
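Review bot: `aws_launch_template.template` in zad_4_2/main.tf sets no `metadata_options`, so whether instances launched by the autoscaling group answer token-less IMDSv1 requests depends on AMI and account defaults rather than on this file. Since these instances run an internet-facing service on 8080 and carry their bootstrap commands in user data, I would require session tokens explicitly by adding `metadata_options { http_tokens = "required" }` to the launch template. The same block can be added to `aws_instance.server` in zad_4_1/main.tf.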